This Week in Security News: Ransomware Campaigns and Cryptocurrency Miners
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about three different ransomware campaigns that caused havoc in different public sectors. Also, read how threat actors are infecting vulnerable Linux servers with a cryptocurrency miner.
Read on:
XDR is the expansion of Endpoint Detection & Response (EDR) to include other areas of a network beyond endpoint, allowing an organization to get visibility into the entire attack lifecycle. This includes infiltration, lateral movement, and exfiltration to improve protection of critical systems.
Windows Server 2008 End of Support: Are you Prepared?
Windows Server 2008 and Server 2008 R2 will soon reach end of support on January 14, 2020 and organizations must prepare to deal with missing security updates, compliance issues, defending against malware and other non-security bugs.
Seattle Woman Charged in Capital One Breach May Have Data from Other Companies
A Seattle woman named Paige Thompson who is charged with taking data on more than 100 million customers from Capital One is reportedly a former Amazon Web Services systems engineer who may have accessed data from more companies.
Keeping a Hidden Identity: Mirai C&Cs in Tor Network
Trend Micro found a new Mirai sample that, like previous Mirai variants, allows attackers to use infected IoT devices for distributed denial of service (DDoS) attacks. Compared to previous variants, however, cybercriminals placed the command and control (C&C) server in the Tor network for anonymity.
DHS Warning: Small Planes Vulnerable to Cyberattack Through CAN Bus Component
The US Department of Homeland Security’s cybersecurity unit (CISA) announced that a vulnerability found in the Controller Area Network (CAN) of small planes could alter an aircraft’s telemetry if physically accessed by an attacker.
Black Hat 2019: 2020 Election Fraud Worries Attendees
More than 60 percent of cybersecurity experts say it is likely that hacking of voting machines will affect the next U.S. election, and they think that Russian cyber initiatives will specifically have a significant impact on the U.S. presidential election in 2020.
Everything is Software: The Consequences of Software Permeating Our World
The evolution and widespread adoption of sophisticated software is helping many industries become more efficient and productive, but also opens enterprises to additional threats. Having a proper defense is essential for those who are reliant on software, which includes implementing updates, proper patching and multi-layered security.
Inside the Smart Home: IoT Device Threats and Attack Scenarios
Smart home devices connected to the internet of things have revolutionized home living, but they have also given rise to new complications for home security. Trend Micro gives an overview of possible attack scenarios for various smart home devices and suggests security solutions for each.
Increasing Workload, Lack of Visibility, and Threat Hunting Challenges Cited as Top Concerns in SOCs
The Ponemon Institute’s survey of IT and IT security practitioners found that 58% of respondents have given their security operation center’s (SOC) effectiveness a low rating. Reasons cited are the lack of visibility into network traffic, lack of timely remediation, complexity, and lack of skilled personnel.
Fake Tech-Support Scams on Twitter Could Cost You, Study Warns
A report from Trend Micro detailed some of the latest ways cybercriminals are using Twitter to defraud users of their cash. It analyzed Twitter data over a three-day period in February and found criminals are gaming search engine results to lure more victims.
Risks Under the Radar: Understanding Fileless Threats
Fileless threats take advantage of a machine’s built-in tools and applications for attacks, essentially turning the system against itself. They leave no identifiable signature that could trigger traditional security software detection, allowing them to bypass standard security mechanisms.
Three Ransomware Campaigns Cause Problems in Different Public Sectors
Among the ransomware attacks from last week, three caused notable disruptions on institutions from different public sectors — energy, education, and law enforcement. Trend Micro shares insights into these attacks and gives advice on how to best defend against ransomware.
Louisiana Declares State of Emergency Due to Ransomware Attack
John Bel Edwards, Governor of Louisiana, has issued a state of emergency after a wave of ransomware attacks hit school districts. The Emergency Declaration allows Louisiana’s cybersecurity experts to assist local governments in securing their networks systems.
Watchbog Exploits Jira and Exim Vulnerabilities to Infect Linux Servers With Cryptocurrency Miner
Threat actors are targeting Linux servers with vulnerable software, namely the software development and project management tool Jira and the message transfer agent Exim, using a variant of the Watchbog trojan, which drops a Monero miner to expand their botnet operations.
Are you prepared for Windows Server 2008 to reach end of support in January 2020? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
Read More HERE